<?php
require_once '../config/config.inc';
@session_start();
$errmsg=array();
$errflag=false;
$message="";
$conn = mysql_connect(DB_HOST,DB_USER,DB_PASSWORD);
if(!$conn){
	echo mysql_error();
}
$db=mysql_select_db(DB_DATABASE);
if(!$db){
	mysql_error();
}

function clean($str){
	if(get_magic_quotes_gpc()){
		$data=stripcslashes($str);
		$data=trim($str);
	}
	return mysql_real_escape_string($str);
}
if(isset($_POST['sub-btn'])){
	$email=clean($_POST['email']);
	$password=clean($_POST['pass']);
	
if ($email==""){
	$errmsg[]="email is missing ";
	$errflag=true;
}
if($password==""){
	$errmsg[]="password is missing";
	$errflag=true;
}

if($errflag){
	$_SESSION['ERROR_MSG']=$errmsg;
	session_write_close();
	header("location:../login.php");
	exit();
}
$password = md5($password);
$result = mysql_query("SELECT * FROM `user` WHERE email='$email' and password='$password'");
$row=mysql_fetch_array($result);
if(mysql_num_rows($result)==1) {
$_SESSION['USER_ID'] = $row['id'];
$_SESSION['FULL_NAME'] = $row['fullname'];
header("Location: ../dashboard/myevent.php");
} else {
	$errmsg[]="Invalid email/password combination";
	$_SESSION['ERROR_MSG']=$errmsg;
	session_write_close();
	header("location:../login.php");
	exit();
}
}
else {
	echo "NOT WAY MAN";
}
?>